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1. Claims 1-24 are pending in this application. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims1-24, are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Coss et al. (EP 09090072 A2), hereinafter "Coss" in view of Boden et al. (Pub. No.: US 
2001/0000193 A1), hereinafter "Boden". 

4. As to claim 1 , Coss discloses, method for an administrator to restrict access to a 
device parameter over a distributed computer system, the steps comprising ([0031 , 
lines 20-22]): 

specifying an address range associated with a data packet ([0036, Step-702, 
lines 25-26]); 

generating at least one filter corresponding to the specified address range (0036, 
Fig.7, Step-701-703, lines 24-28]), wherein the filter includes, 

a reference address ([0034, line 53-54]), 
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an address mask([0034, line, 53-54], where domain name translates to IP and 
each IP has an subnet mask associated with it), and 

an instruction representative of a desired action to be taken for a correlating 
address ([0036, Step-702, lines 25-27], where specified domain is selected by packet's 
address range); 

receiving an incoming packet ([0034, line 51]); 

comparing a source address of the incoming packet to the reference address to 

determine a correlating address ([0034, lines 56-57]); and 

i 

executing the instruction representative of the desired action in accordance with 
the source address of the incoming packet ([0034, Step-501-504, lines 45-58). 

Coss does not explicitly disclose, comparing source packet with reference 
address. However, It is well know in the art and obvious from the teachings of Coss in 
(step-504, [0034, lines 56-57]) that source address is searched through rule table for 
address matching and upon finding the matching results, it decides whether to deny or 
accept the packet. 

Therefore, it would have been obvious to one ordinary skilled in the art at the 
time the invention was made to modify the teachings of Coss in order to make an 
obvious variation of comparing the packet's source address with reference address for 
legitimacy of packet so it can be dropped and save further processing time for that 
particular packet. 
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5. As to claim 13, Coss discloses, system for an administrator to restrict access to a 
device parameter over a distributed computer system ([0031, lines 20-22]), comprising: 

means adapted for specifying an address range associated with a data packet 
([0036, Step-702, lines 25-26]); 

means adapted for generating at least one filter corresponding to the specified 
address range (0036, Fig.7, Step-701-703, lines 24-28]), wherein the filter includes, 

a reference address ([0034, line 53-54]), 

an address mask ([0034, line, 53-54], where domain name translates to IP and 
each IP has an subnet mask associated with it), and 

an instruction representative of a desired action to be taken for a correlating 
address ([0036, Step-702, lines 25-27], where specified domain is selected by packet's 
address range); 

means adapted for receiving an incoming packet ([0034, line 51]); 

means adapted for comparing a source address of the incoming packet to the 
reference address to determine a correlating address ([0034, lines 56-57]); and 

means adapted for executing the instruction representative of the desired action 
in accordance with the source address of the incoming packet ([0034, Step-501-504, 
lines 45-58). 



Application/Control Number: 10/675,708 Page 5 

Art Unit: 2196 

Coss does not explicitly disclose, comparing source packet with reference 
address. However, It is well know in the art and obvious from the teachings of Coss in 
(step-504, [0034, lines 56-57]) that source address is searched through rule table for 
address matching and upon finding the matching results, it decides whether to deny or 
accept the packet. 

Therefore, it would have been obvious to one ordinary skilled in the art at the 
time the invention was made to modify the teachings of Coss in order to make an 
obvious variation of comparing the packet's source address with reference address for 
legitimacy of packet so it can be dropped and save further processing time for that 
particular packet. 

6. As to claim 2, Coss discloses the method further comprising: 

performing a bitwise AND operation between the source address and the 
address mask ([0034, page.6, lines 5-12]); 

performing a bitwise AND operation between the reference address and the 
address mask ([0034, page.6, lines 5-12]); and 

Coss does not disclose explicitly about comparing the outcomes of bitwise 
operation. However, Boden discloses, comparing the outcomes of the bitwise AND 
operations, wherein equal outcomes results in the correlating address, and wherein not 
equal outcomes results in an address outside the specified range (Fig.4, Step-320 and 
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Step-330, [0034, lines 18-24], that applying 6-tuples and performing the bitwise 
operation produces the results as whether to accept or deny the packet by setting up 
the rules (which is purely a matter of design choice). 

Therefore, it would have been obvious to one ordinary skilled in the art at the 
time the invention was made to combine the teachings of Coss with the teachings of 
Boden in order to resolve filtering rules for each IP packet at the physical interface. 

7. As to claim 14, the claim is rejected for the same reasons set forth in claim 2 
above. 

8. As to claim 3, Coss teaches, the method, wherein the desired action includes an 
instruction to block the incoming packet ([0030, line 26], Fig.3, Rule-20 has an 
associated "drop" action). 

9. As to claim 1 5, the claim is rejected for the same reasons set forth in claim 3 
above. 

10. As to claim 4, Coss does not discloses the method further comprising the step of 
dropping the incoming packet with a source address inside the specified address range. 
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However, Boden teaches, all incoming packet gets through first filter, which 
means all incoming packets consists of out of range as well as within the range packets 
and second filter drop the packets based on packets port assignments ([0027, lines 1- 
4)). 

Therefore it would have been obvious to one ordinary skilled in the art at the time 
the invention was made to combine the teachings of Coss with the teachings of Boden 
in order to fast filter packet before going through further filtering process. 

11. As to claim 16, the claim is rejected for the same reasons set forth in claim 4 
above. 

12. As to claim 5, Coss does not disclose, the method further comprising the step of 
allowing the incoming packet with a source address outside the specified address 
range. 

However, Boden teaches, allowing all TCP/IP packets through first filter. ([0027, 
lines 1-4], allows all TCP/IP packets regardless of correct address range). 

Therefore it would have been obvious to one ordinary skilled in the art at the time 
the invention was made to combine the teachings of Coss with the teachings of Boden 
in order to fast filter packet before going through further process. 
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13. As to claim 17, the claim is rejected for the same reasons set forth in claim 5 
above. 

14. As to claim 6, Coss does not disclose, the method, further comprising the step of 
processing packets where source address is out of specified range. 

However, Boden teaches, processing the incoming packet with the source 
address outside the specified address range ([0027, lines 1-4], after receiving all the 
incoming packets, packets are processed and dropped based on the source or 
destination ports). 

Therefore it would have been obvious to one ordinary skilled in the art at the time 
the invention was made to combine the teachings of Coss with the teachings of Boden 
in order to fast filter packet before going through further filtering process. 

1 5. As to claim 18, the claim is rejected for the same reasons set forth in claim 6 
above. 

16. As to claim 7, Coss discloses, the method, wherein the desired action includes 
an instruction to allow the incoming packet ([0030, line 26], Fig. 3, Rule-10 "pass" 
action). 
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17. As to claim 19, the claim is rejected for the same reasons set forth in claim 7 
above. 

18. As to claim 8, Coss teaches, the method, further comprising the step of 
processing the incoming packet ([0034, lines 45-47]). 

19. As to claim 20, the claim is rejected for the same reason set forth in claim 8 
above. 

20. As to claim 9, Coss does not disclose, the method, further comprising the step of 
blocking packet if source address is outside the address range. 

However, Boden teaches, blocking the incoming packet with a source address 
outside the specified address range ([0026, lines 3-5]). 

Therefore it would have been obvious to one ordinary skilled in the art at the 
time the invention was made to combine the teachings of Coss with the teachings of 
Boden in order to fast filter packet before going through further filtering process. 

21 . As to claim 21 , the claim is rejected for the same reasons set forth in claim 9 
above. 



Application/Control Number: 10/675,708 Page 10 

Art Unit: 2196 

22. As to claim 10, Coss does not disclose explicitly, the method, further comprising 
the step of dropping the incoming packet with the source address outside the specified 
address range. 

However, Boden teaches, dropping the incoming packet with a source address 
outside the specified address range ([0026, lines 3-5]). 

Therefore it would have been obvious to one ordinary skilled in the art at the time 
the invention was made to combine the teachings of Coss with the teachings of Boden 
in order to fast filter packet before going through further filtering process. 

23. As to claim 22, the claim is rejected for the same reasons set forth in claim 10 
above. 

24. As to claim 1 1 , Coss does not disclose, the method, wherein the filter is 
incorporated inside an SNMP agent. 

However, Boden teaches, SNMP is a well-known technique in the art at the time 
the invention was made and using SNMP obviously implies to have commands 
associated with the protocol ([0027, lines 1-7]). 
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Therefore it would have been obvious to one ordinary skilled in the art at the time 
the invention was made to combine the teachings of Coss with the teachings of Boden 
in order to fast filter packet before going through further filtering process. 

25. As to claim 23, the claim is rejected for the same reasons set forth in claim 1 1 
above. 

26. As to claim 12, Coss discloses, the method, wherein the source address and the 
reference address are an Internet Protocol address ([0032, lines 29-33] and [0034, lines 
53-54], where domain address is a reference address). 

27. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Conclusion 

McNamee (Pub. No.: US 2004/01 17488 A1) discloses a communication traffic 
acceptance control method and a Protocol Data Unit filtering gateway are presented. 
Heiney et al. (Pub. No.: US 2004/0207866 A1) discloses, computer program products 
and print server for discovering printers connected to a print server. 
Kominsky (Pub. No.: US 2003/0018591 A1) discloses, small, optimized sequence of 
binary 5-tupples, representing filter rules. 

Swanderet al. (Pub. No.: US 2004/0250131 A1) discloses, system for adding, 
removing and managing a plurality of network policy filter. 
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28. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tauqir Hussain whose telephone number is 571-272- 
1247. The examiner can normally be reached on 7:30 AM to 5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nabil El Hady can be reached on 571 272 3963. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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